In the previous chapters, you have configured your JIRA to capture data with customized screens and fields, and processed the captured data through workflows. What you need to do now is secure the data you have gathered to make sure that only the authorized users can access and manipulate issues.
Since your Help Desk Project is used by your internal team, what you really need to do is to put enough permission around your issues to ensure the data they hold do not get modified by other users, usually by mistake. This allows us to mitigate human errors by handling access accordingly.
To achieve this, you need to have the following requirements:
- You need to be able to tell who belongs to the help desk team
- Restrict issue assign operations to only the user that has submitted the ticket and members of the help desk team
- Not to allow tickets to be moved to other projects
- Limit the assignee of tickets to the reporter and members of the help desk team
Of course, there are a lot of other permissions we can apply here; the preceding four requirements will be a good starting point for us to build on further.
The first thing you need to do is to set up a new group for your help desk team members. This will help you distinguish normal JIRA users from your help desk staff:
- Browse to the Group Browser page.
- Name the new group
help-desk-teamin the Add Group section. - Click on the Add Group button.
You can create more groups for other teams and departments, for your scenario here. Since anyone can log a ticket in your project, there is no need to make that distinction.
With your group set up, you can start assigning members of your team to the new group:
- Browse to the Group Browser page.
- Click on the Edit Members link for the
help-desk-teamgroup. - Select users with the user picker or simply type in the usernames separated with a comma. This time, let's add our admin user to the group.
- Click on the Join button.
The next step is to set up permissions for our Help Desk project, so you need to have your own permission scheme. As always, it is more efficient to copy the Default Permission Scheme as a baseline and make your modifications on top, since we are only making a few changes here:
- Browse to the Permission Schemes pages.
- Click on the Copy link for Default Permission Scheme.
- Click on the Edit link for the new copy of Default Permission Scheme created.
- Name the new permission scheme
Help Desk Permission Scheme. - Change the description to
Permission scheme designed for Help Desk team projects.
Now we have our base permission scheme setup, we can start on the fun part, interpreting requirements and implementing them in JIRA.
The first thing you need to do when you start to set up permissions is try to match up existing JIRA permissions to your requirements. In our case, we want to restrict the following:
- Who can assign issues?
- Who can be assigned to an issue?
- Disable issues from being moved
Looking at the existing list of JIRA permissions, you can see that we can match up the requirements with the Assign Issues, Assignable Users, and Move Issues permissions respectively.
Once you have worked out what permissions you need to modify, the next step is to work out a strategy to specify the users that should be given the permissions. Restricting move issue options is simple. All you have to do is remove the permission from everyone, thus effectively preventing anyone from moving issues in your project.
The next two requirements are similar, as they are both granted to the reporter (user that submitted the ticket), and our new help-desk-team group:
- Browse to the Permission Schemes pages.
- Click on the Permissions link for Help Desk Permission Scheme.
- Click on the Grant permission link.
- Select both Assign Users and Assignable Users permissions.
- Select the Reporter option.
- Click on the Add button.
- Repeat the steps and grant the
help-desk-teamgroup both permissions.
By selecting both the permissions in one go, you have quickly granted multiple permissions to users. Now, you need to remove all the users granted with the Move Issues permission. There should be only one granted at the moment, Project Role (Developer), but if you have more than one granted, you will need to remove all of them:
- Browse to the Permission Schemes page.
- Click on the Permissions link for Help Desk Permission Scheme.
- Click on the Delete link for all the users that have been granted Move Issues permission.
That's it! You have addressed all of our permission requirements with just a few clicks.
Last but not least, you can now put on our project administrator's hat and apply your new permission scheme to your Help Desk project:
- Browse to the Project Administration page for your Help Desk project.
- Click on the Select link for Permission Scheme.
- Select Help Desk Permission Scheme.
- Click on the Associate button.
By associating the permission scheme with our project, you have applied all of your permission changes. Now if you create a new issue or edit an existing issue, you will notice that the list of assignees will no longer include all the users in JIRA.